fix(security): default apply_patch workspace containment

Peter Steinberger
2026-02-15 01:21:07 +01:00
parent 68c78c4b43
commit 4a44da7d91
9 changed files with 191 additions and 39 deletions
+1 -1
@@ -181,7 +181,7 @@ Optional plugin tools:
Apply structured patches across one or more files. Use for multi-hunk edits.
Experimental: enable via `tools.exec.applyPatch.enabled` (OpenAI models only).
Optional: restrict patch paths to the workspace directory with `tools.exec.applyPatch.workspaceOnly: true`.
`tools.exec.applyPatch.workspaceOnly` defaults to `true` (workspace-contained). Set it to `false` only if you intentionally want `apply_patch` to write/delete outside the workspace directory.
### `exec`
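Review bot: The added `tools.exec.applyPatch.workspaceOnly` line states the new default but does not say that it reverses the opt-in behaviour the removed line described, so a reader upgrading with patches that touch paths outside the workspace gets no hint why they now fail. Consider adding a short sentence that the default changed, and spelling out what "outside the workspace directory" means for the check, for example whether symlinks and `..` segments are resolved before the path is compared against the workspace directory.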